Friday, June 14, 2013

real time port utilization in solaris

I learned TCP/IP using Solaris snoop. Many years after it is proven to be still powerful. I had this issue today where I could not find from where certain requests were coming to one of our services, which is filling log files with socket write error failures, every time a TCP connection is open and suddenly closed. Actually finding the culprit is quite easy with snoop you just provide 'port $port' option and you will see all TCP traffic to and from the local port.
snoop -t a port 9000 > /tmp/snoop.log &
Continue working on something else and inspect snoop.log until you find the culprit. Do not forget to kill the background process though ;-)

No comments: